CVSS Base Vector:
Check if a vulnerable version is present
on the target host.
The remote apcupsd, according to its version number,
is vulnerable to multiple vulnerabilities.
Versions before 3.8.6, and 3.10.x before 3.10.5.
Update to version 3.8.6, 3.10.5 or later.
Multiple flaws exist:
CVE-2001-0040: APC UPS daemon, apcupsd, saves its process ID in a world-writable file.
CVE-2003-0098: Unknown vulnerability possibly via format strings in a request to a slave server.
CVE-2003-0099: Multiple buffer overflows related to usage of the vsprintf function.
CVE-2001-0040: allows local users to kill an arbitrary process by
specifying the target process ID in the apcupsd.pid file.
CVE-2003-0098: allows remote attackers to gain root privileges.
CVE-2003-0099: may allow attackers to cause a denial of service or execute arbitrary code.
Remote Banner Unreliable
NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)
SecurityFocus Bugtraq ID: